From patchwork Wed Sep 5 02:50:31 2018
X-Patchwork-Submitter: Khalid Elmously
X-Patchwork-Id: 966197
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 1/6] KVM: s390: implement CPU model only facilities
Date: Tue, 4 Sep 2018 22:50:31 -0400
Message-Id: <20180905025036.31858-2-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>

From: Christian Borntraeger

CVE-2017-5715 (Spectre v2 s390x)

Some facilities should only be provided to the guest, if they are enabled by a CPU model. This allows us to avoid capabilities and to simply fall back to the cpumodel for deciding about a facility without enabling it for older QEMUs or QEMUs without a CPU model.

Reviewed-by: David Hildenbrand
Reviewed-by: Cornelia Huck
Signed-off-by: Christian Borntraeger
(cherry-picked from c3b9e3e1ea1c1d1524b56b6734711db2a6fc2163)
Signed-off-by: Khalid Elmously
---
 arch/s390/kvm/kvm-s390.c | 53 ++++++++++++++++++++------------
 arch/s390/kvm/kvm-s390.h | 2 --
 arch/s390/tools/gen_facilities.c | 20 ++++++++++++
 3 files changed, 54 insertions(+), 21 deletions(-)

diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 656a3c8dfb50..9629be612304 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c
@@ -151,13 +151,33 @@ static int nested; module_param(nested, int, S_IRUGO); MODULE_PARM_DESC(nested, "Nested virtualization support"); -/* upper facilities limit for kvm */ -unsigned long kvm_s390_fac_list_mask[16] = { FACILITIES_KVM }; -unsigned long kvm_s390_fac_list_mask_size(void) +/* + * For now we handle at most 16 double words as this is what the s390 base + * kernel handles and stores in the prefix page. If we ever need to go beyond + * this, this requires changes to code, but the external uapi can stay. + */ +#define SIZE_INTERNAL 16 + +/* + * Base feature mask that defines default mask for facilities. Consists of the + * defines in FACILITIES_KVM and the non-hypervisor managed bits. + */ +static unsigned long kvm_s390_fac_base[SIZE_INTERNAL] = { FACILITIES_KVM }; +/* + * Extended feature mask. Consists of the defines in FACILITIES_KVM_CPUMODEL + * and defines the facilities that can be enabled via a cpu model. + */ +static unsigned long kvm_s390_fac_ext[SIZE_INTERNAL] = { FACILITIES_KVM_CPUMODEL }; + +static unsigned long kvm_s390_fac_size(void) { - BUILD_BUG_ON(ARRAY_SIZE(kvm_s390_fac_list_mask) > S390_ARCH_FAC_MASK_SIZE_U64); - return ARRAY_SIZE(kvm_s390_fac_list_mask); + BUILD_BUG_ON(SIZE_INTERNAL > S390_ARCH_FAC_MASK_SIZE_U64); + BUILD_BUG_ON(SIZE_INTERNAL > S390_ARCH_FAC_LIST_SIZE_U64); + BUILD_BUG_ON(SIZE_INTERNAL * sizeof(unsigned long) > + sizeof(S390_lowcore.stfle_fac_list)); + + return SIZE_INTERNAL; } /* available cpu features supported by kvm */ 
@@ -1953,20 +1973,15 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) if (!kvm->arch.sie_page2) goto out_err; - /* Populate the facility mask initially. */ - memcpy(kvm->arch.model.fac_mask, S390_lowcore.stfle_fac_list, - sizeof(S390_lowcore.stfle_fac_list)); - for (i = 0; i < S390_ARCH_FAC_LIST_SIZE_U64; i++) { - if (i < kvm_s390_fac_list_mask_size()) - kvm->arch.model.fac_mask[i] &= kvm_s390_fac_list_mask[i]; - else - kvm->arch.model.fac_mask[i] = 0UL; - } - - /* Populate the facility list initially. */ kvm->arch.model.fac_list = kvm->arch.sie_page2->fac_list; - memcpy(kvm->arch.model.fac_list, kvm->arch.model.fac_mask, - S390_ARCH_FAC_LIST_SIZE_BYTE); + + for (i = 0; i < kvm_s390_fac_size(); i++) { + kvm->arch.model.fac_mask[i] = S390_lowcore.stfle_fac_list[i] & + (kvm_s390_fac_base[i] | + kvm_s390_fac_ext[i]); + kvm->arch.model.fac_list[i] = S390_lowcore.stfle_fac_list[i] & + kvm_s390_fac_base[i]; + } /* we are always in czam mode - even on pre z14 machines */ set_kvm_facility(kvm->arch.model.fac_mask, 138); @@ -3965,7 +3980,7 @@ static int __init kvm_s390_init(void) } for (i = 0; i < 16; i++) - kvm_s390_fac_list_mask[i] |= + kvm_s390_fac_base[i] |= S390_lowcore.stfle_fac_list[i] & nonhyp_mask(i); return kvm_init(NULL, sizeof(struct kvm_vcpu), 0, THIS_MODULE); diff --git a/arch/s390/kvm/kvm-s390.h b/arch/s390/kvm/kvm-s390.h index efa186f065fb..0f08873937d4 100644 --- a/arch/s390/kvm/kvm-s390.h +++ b/arch/s390/kvm/kvm-s390.h @@ -281,8 +281,6 @@ void exit_sie(struct kvm_vcpu *vcpu); void kvm_s390_sync_request(int req, struct kvm_vcpu *vcpu); int kvm_s390_vcpu_setup_cmma(struct kvm_vcpu *vcpu); void kvm_s390_vcpu_unsetup_cmma(struct kvm_vcpu *vcpu); -unsigned long kvm_s390_fac_list_mask_size(void); -extern unsigned long kvm_s390_fac_list_mask[]; void kvm_s390_set_cpu_timer(struct kvm_vcpu *vcpu, __u64 cputm); __u64 kvm_s390_get_cpu_timer(struct kvm_vcpu *vcpu); 
diff --git a/arch/s390/tools/gen_facilities.c b/arch/s390/tools/gen_facilities.c index 0373801d9860..78b7192fc070 100644 --- a/arch/s390/tools/gen_facilities.c +++ b/arch/s390/tools/gen_facilities.c @@ -62,6 +62,13 @@ static struct facility_def facility_defs[] = { } }, { + /* + * FACILITIES_KVM contains the list of facilities that are part + * of the default facility mask and list that are passed to the + * initial CPU model. If no CPU model is used, this, together + * with the non-hypervisor managed bits, is the maximum list of + * guest facilities supported by KVM. + */ .name = "FACILITIES_KVM", .bits = (int[]){ 0, /* N3 instructions */ 
@@ -89,6 +96,19 @@ static struct facility_def facility_defs[] = { -1 /* END */ } }, + { + /* + * FACILITIES_KVM_CPUMODEL contains the list of facilities + * that can be enabled by CPU model code if the host supports + * it. These facilities are not passed to the guest without + * CPU model support. + */ + + .name = "FACILITIES_KVM_CPUMODEL", + .bits = (int[]){ + -1 /* END */ + } + }, }; static void print_facility_list(struct facility_def *def)
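
Review bot: In the kvm_arch_init_vm() hunk of patch 1/6 the new loop stops at kvm_s390_fac_size(), so fac_mask and fac_list entries between SIZE_INTERNAL and S390_ARCH_FAC_LIST_SIZE_U64 are no longer cleared explicitly, where the removed code wrote "kvm->arch.model.fac_mask[i] = 0UL;" for them. The BUILD_BUG_ON in kvm_s390_fac_size() permits the arrays to be larger than SIZE_INTERNAL, so the result is only correct if both arrays start out zeroed. Please state that in a comment next to the loop or keep the explicit clearing, since a stale bit there would present a facility to the guest outside kvm_s390_fac_base and kvm_s390_fac_ext.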
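
Review bot: The kvm_s390_init() hunk of patch 1/6 keeps the literal bound in "for (i = 0; i < 16; i++)" although the same patch introduces SIZE_INTERNAL and kvm_s390_fac_size() for exactly this array. Use "i < kvm_s390_fac_size()" (or SIZE_INTERNAL) so that the nonhyp_mask() merge into kvm_s390_fac_base cannot drift from the array size.
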
From patchwork Wed Sep 5 02:50:32 2018
X-Patchwork-Submitter: Khalid Elmously
X-Patchwork-Id: 966199
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 2/6] s390: detect etoken facility
Date: Tue, 4 Sep 2018 22:50:32 -0400
Message-Id: <20180905025036.31858-3-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>

From: Martin Schwidefsky

CVE-2017-5715 (Spectre v2 s390x)

Detect and report the etoken facility. With spectre_v2=auto or CONFIG_EXPOLINE_AUTO=y automatically disable expolines and use the full branch prediction mode for the kernel.

Signed-off-by: Martin Schwidefsky
(cherry-picked from aeaf7002a76c8da60c0f503badcbddc07650678c)
Signed-off-by: Khalid Elmously
---
 arch/s390/kernel/nospec-branch.c | 12 +++++++++++-
 arch/s390/kernel/nospec-sysfs.c | 2 ++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/arch/s390/kernel/nospec-branch.c b/arch/s390/kernel/nospec-branch.c index 8ad6a7128b3a..555da6e05d7b 100644 --- a/arch/s390/kernel/nospec-branch.c +++ b/arch/s390/kernel/nospec-branch.c @@ -35,6 +35,8 @@ early_param("nospec", nospec_setup_early); static int __init nospec_report(void) { + if (test_facility(156)) + pr_info("Spectre V2 mitigation: etokens\n"); if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) pr_info("Spectre V2 mitigation: execute trampolines.\n"); if (__test_facility(82, S390_lowcore.alt_stfle_fac_list))
@@ -56,7 +58,15 @@ early_param("nospectre_v2", nospectre_v2_setup_early); void __init nospec_auto_detect(void) { - if (IS_ENABLED(CC_USING_EXPOLINE)) { + if (test_facility(156)) { + /* + * The machine supports etokens. + * Disable expolines and disable nobp. + */ + if (IS_ENABLED(CC_USING_EXPOLINE)) + nospec_disable = 1; + __clear_facility(82, S390_lowcore.alt_stfle_fac_list); + } else if (IS_ENABLED(CC_USING_EXPOLINE)) { /* * The kernel has been compiled with expolines. * Keep expolines enabled and disable nobp. diff --git a/arch/s390/kernel/nospec-sysfs.c b/arch/s390/kernel/nospec-sysfs.c index 8affad5f18cb..e30e580ae362 100644 --- a/arch/s390/kernel/nospec-sysfs.c +++ b/arch/s390/kernel/nospec-sysfs.c 
@@ -13,6 +13,8 @@ ssize_t cpu_show_spectre_v1(struct device *dev, ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr, char *buf) { + if (test_facility(156)) + return sprintf(buf, "Mitigation: etokens\n"); if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) return sprintf(buf, "Mitigation: execute trampolines\n"); if (__test_facility(82, S390_lowcore.alt_stfle_fac_list))
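
Review bot: The etoken branch added to nospec_auto_detect() in patch 2/6 turns off both software mitigations (nospec_disable = 1 and clearing facility 82 in alt_stfle_fac_list) on test_facility(156) alone, and the new comment only restates what the code does. Please extend the comment with why the facility bit by itself is sufficient grounds to drop expolines and nobp, because in a KVM guest that bit is whatever the host's CPU model passes through (patch 4/6 adds 156 to FACILITIES_KVM_CPUMODEL).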
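
Review bot: cpu_show_spectre_v2() in the nospec-sysfs.c hunk of patch 2/6 now returns 'Mitigation: etokens' on test_facility(156) alone, ahead of the "IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable" check, although expolines are only switched off in nospec_auto_detect(). Tooling that reads this sysfs file cannot tell a kernel that still runs expolines from one that relies on etokens only; please confirm that this is intended, or report the expoline state as well.
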
From patchwork Wed Sep 5 02:50:33 2018
X-Patchwork-Submitter: Khalid Elmously
X-Patchwork-Id: 966200
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 3/6] KVM: s390: define GISA format-0 data structure
Date: Tue, 4 Sep 2018 22:50:33 -0400
Message-Id: <20180905025036.31858-4-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>

From: Michael Mueller

CVE-2017-5715 (Spectre v2 s390x)

In preparation to support pass-through adapter interrupts, the Guest Interruption State Area (GISA) and the Adapter Interruption Virtualization (AIV) features will be introduced here.

This patch introduces format-0 GISA (that is, defines the struct describing the GISA, allocates storage for it, and introduces fields for the GISA address in kvm_s390_sie_block and kvm_s390_vsie).

As the GISA requires storage below 2GB, it is put in sie_page2, which is already allocated in ZONE_DMA. In addition, the GISA requires alignment to its integral boundary. This is already naturally aligned via the padding in the sie_page2.

Signed-off-by: Michael Mueller
Reviewed-by: Pierre Morel
Reviewed-by: Halil Pasic
Reviewed-by: Christian Borntraeger
Reviewed-by: David Hildenbrand
Acked-by: Cornelia Huck
Signed-off-by: Christian Borntraeger
(cherry-picked from 19114beb73f774e466d9e39b8e8b961812c9f881)
Signed-off-by: Khalid Elmously
---
 arch/s390/include/asm/kvm_host.h | 23 +++++++++++++++++++----
 arch/s390/kvm/kvm-s390.c | 1 +
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/arch/s390/include/asm/kvm_host.h b/arch/s390/include/asm/kvm_host.h index cd7ed86c571e..90d4af0b5c55 100644 --- a/arch/s390/include/asm/kvm_host.h
+++ b/arch/s390/include/asm/kvm_host.h @@ -183,6 +183,7 @@ struct kvm_s390_sie_block { #define ECA_IB 0x40000000 #define ECA_SIGPI 0x10000000 #define ECA_MVPGI 0x01000000 +#define ECA_AIV 0x00200000 #define ECA_VX 0x00020000 #define ECA_PROTEXCI 0x00002000 #define ECA_SII 0x00000001 @@ -228,7 +229,8 @@ struct kvm_s390_sie_block { __u8 epdx; /* 0x0069 */ __u8 reserved6a[2]; /* 0x006a */ __u32 todpr; /* 0x006c */ - __u8 reserved70[16]; /* 0x0070 */ + __u32 gd; /* 0x0070 */ + __u8 reserved74[12]; /* 0x0074 */ __u64 mso; /* 0x0080 */ __u64 msl; /* 0x0088 */ psw_t gpsw; /* 0x0090 */ @@ -720,14 +722,27 @@ struct kvm_s390_crypto_cb { struct kvm_s390_apcb1 apcb1; /* 0x0080 */ }; +struct kvm_s390_gisa { + u32 next_alert; + u8 ipm; + u8 reserved01; + u8 : 6; + u8 g : 1; + u8 c : 1; + u8 iam; + u8 reserved02[4]; + u32 airq_count; +}; + /* - * sie_page2 has to be allocated as DMA because fac_list and crycb need - * 31bit addresses in the sie control block. + * sie_page2 has to be allocated as DMA because fac_list, crycb and + * gisa need 31bit addresses in the sie control block. */ struct sie_page2 { __u64 fac_list[S390_ARCH_FAC_LIST_SIZE_U64]; /* 0x0000 */ struct kvm_s390_crypto_cb crycb; /* 0x0800 */ - u8 reserved900[0x1000 - 0x900]; /* 0x0900 */ + struct kvm_s390_gisa gisa; /* 0x0900 */ + u8 reserved910[0x1000 - 0x910]; /* 0x0910 */ }; struct kvm_s390_vsie { diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 9629be612304..20f2acc8e7f9 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c 
@@ -1968,6 +1968,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) if (!kvm->arch.dbf) goto out_err; + BUILD_BUG_ON(sizeof(struct sie_page2) != 4096); kvm->arch.sie_page2 = (struct sie_page2 *) get_zeroed_page(GFP_KERNEL | GFP_DMA); if (!kvm->arch.sie_page2)
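
Review bot: struct kvm_s390_gisa in the kvm_host.h hunk of patch 3/6 describes a hardware-defined layout but, unlike the neighbouring kvm_s390_sie_block and sie_page2 members, carries no per-field offset comments, and its "u8 : 6; u8 g : 1; u8 c : 1;" bit-fields rely on the compiler's bit-field ordering. Please add offset comments and a compile-time check on the struct itself, for example a BUILD_BUG_ON on sizeof(struct kvm_s390_gisa) and on offsetof(struct sie_page2, gisa); the BUILD_BUG_ON(sizeof(struct sie_page2) != 4096) added in kvm_arch_init_vm() checks only the total page size, not the 0x0900 offset the comment claims.
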
From patchwork Wed Sep 5 02:50:34 2018
X-Patchwork-Submitter: Khalid Elmously
X-Patchwork-Id: 966202
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 4/6] KVM: s390: add etoken support for guests
Date: Tue, 4 Sep 2018 22:50:34 -0400
Message-Id: <20180905025036.31858-5-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>

From: Christian Borntraeger

CVE-2017-5715 (Spectre v2 s390x)

We want to provide facility 156 (etoken facility) to our guests. This includes migration support (via sync regs) and VSIE changes.

The tokens are being reset on clear reset. This has to be implemented by userspace (via sync regs).

Signed-off-by: Christian Borntraeger
Reviewed-by: David Hildenbrand
Acked-by: Cornelia Huck
(cherry-picked from a3da7b4a3be51f37f434f14e11e60491f098b6ea)
Signed-off-by: Khalid Elmously
---
 arch/s390/include/asm/kvm_host.h | 1 +
 arch/s390/include/uapi/asm/kvm.h | 5 ++++-
 arch/s390/kvm/kvm-s390.c | 13 +++++++++++--
 arch/s390/kvm/vsie.c | 9 +++++++--
 arch/s390/tools/gen_facilities.c | 3 ++-
 5 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/arch/s390/include/asm/kvm_host.h b/arch/s390/include/asm/kvm_host.h index 90d4af0b5c55..e9ba4243d602 100644 --- a/arch/s390/include/asm/kvm_host.h +++ b/arch/s390/include/asm/kvm_host.h @@ -268,6 +268,7 @@ struct kvm_s390_sie_block { __u8 reserved1c0[8]; /* 0x01c0 */ #define ECD_HOSTREGMGMT 0x20000000 #define ECD_MEF 0x08000000 +#define ECD_ETOKENF 0x02000000 __u32 ecd; /* 0x01c8 */ __u8 reserved1cc[18]; /* 0x01cc */ __u64 pp; /* 0x01de */ diff --git a/arch/s390/include/uapi/asm/kvm.h b/arch/s390/include/uapi/asm/kvm.h index 4cdaa55fabfe..9a50f02b9894 100644
--- a/arch/s390/include/uapi/asm/kvm.h +++ b/arch/s390/include/uapi/asm/kvm.h @@ -4,7 +4,7 @@ /* * KVM s390 specific structures and definitions * - * Copyright IBM Corp. 2008 + * Copyright IBM Corp. 2008, 2018 * * Author(s): Carsten Otte * Christian Borntraeger @@ -225,6 +225,7 @@ struct kvm_guest_debug_arch { #define KVM_SYNC_FPRS (1UL << 8) #define KVM_SYNC_GSCB (1UL << 9) #define KVM_SYNC_BPBC (1UL << 10) +#define KVM_SYNC_ETOKEN (1UL << 11) /* length and alignment of the sdnx as a power of two */ #define SDNXC 8 #define SDNXL (1UL << SDNXC) @@ -258,6 +259,8 @@ struct kvm_sync_regs { struct { __u64 reserved1[2]; __u64 gscb[4]; + __u64 etoken; + __u64 etoken_extension; }; }; }; diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 20f2acc8e7f9..acc6e9f3e4ae 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -2263,6 +2263,8 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) vcpu->run->kvm_valid_regs |= KVM_SYNC_BPBC; if (test_kvm_facility(vcpu->kvm, 133)) vcpu->run->kvm_valid_regs |= KVM_SYNC_GSCB; + if (test_kvm_facility(vcpu->kvm, 156)) + vcpu->run->kvm_valid_regs |= KVM_SYNC_ETOKEN; /* fprs can be synchronized via vrs, even if the guest has no vx. With * MACHINE_HAS_VX, (load|store)_fpu_regs() will work with vrs format. */ @@ -2510,7 +2512,13 @@ int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu) } if (test_kvm_facility(vcpu->kvm, 139)) vcpu->arch.sie_block->ecd |= ECD_MEF; - + if (test_kvm_facility(vcpu->kvm, 156)) + vcpu->arch.sie_block->ecd |= ECD_ETOKENF; + if (vcpu->arch.sie_block->gd) { + vcpu->arch.sie_block->eca |= ECA_AIV; + VCPU_EVENT(vcpu, 3, "AIV gisa format-%u enabled for cpu %03u", + vcpu->arch.sie_block->gd & 0x3, vcpu->vcpu_id); + } vcpu->arch.sie_block->sdnxo = ((unsigned long) &vcpu->run->s.regs.sdnx) | SDNXC; vcpu->arch.sie_block->riccbd = (unsigned long) &vcpu->run->s.regs.riccb; 
@@ -3382,6 +3390,7 @@ static void sync_regs(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) } preempt_enable(); } + /* SIE will load etoken directly from SDNX and therefore kvm_run */ kvm_run->kvm_dirty_regs = 0; } @@ -3421,7 +3430,7 @@ static void store_regs(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) __ctl_clear_bit(2, 4); vcpu->arch.host_gscb = NULL; } - + /* SIE will save etoken directly into SDNX and therefore kvm_run */ } int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run) diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c index eb3043a7fff5..1f5989422df6 100644 --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -2,7 +2,7 @@ /* * kvm nested virtualization support for s390x * - * Copyright IBM Corp. 2016 + * Copyright IBM Corp. 2016, 2018 * * Author(s): David Hildenbrand */ @@ -372,6 +372,10 @@ static int shadow_scb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) if (test_kvm_facility(vcpu->kvm, 139)) scb_s->ecd |= scb_o->ecd & ECD_MEF; + /* etoken */ + if (test_kvm_facility(vcpu->kvm, 156)) + scb_s->ecd |= scb_o->ecd & ECD_ETOKENF; + prepare_ibc(vcpu, vsie_page); rc = shadow_crycb(vcpu, vsie_page); out: @@ -621,7 +625,8 @@ static int pin_blocks(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) /* Validity 0x0044 will be checked by SIE */ scb_s->riccbd = hpa; } - if ((scb_s->ecb & ECB_GS) && !(scb_s->ecd & ECD_HOSTREGMGMT)) { + if (((scb_s->ecb & ECB_GS) && !(scb_s->ecd & ECD_HOSTREGMGMT)) || + (scb_s->ecd & ECD_ETOKENF)) { unsigned long sdnxc; gpa = READ_ONCE(scb_o->sdnxo) & ~0xfUL; diff --git a/arch/s390/tools/gen_facilities.c b/arch/s390/tools/gen_facilities.c index 78b7192fc070..c3582a42b598 100644 --- a/arch/s390/tools/gen_facilities.c +++ b/arch/s390/tools/gen_facilities.c @@ -4,7 +4,7 @@ * numbering scheme from the Princples of Operations: most significant bit * has bit number 0. * - * Copyright IBM Corp. 2015 + * Copyright IBM Corp. 2015, 2018 * */ 
@@ -106,6 +106,7 @@ static struct facility_def facility_defs[] = { .name = "FACILITIES_KVM_CPUMODEL", .bits = (int[]){ + 156, /* etoken facility */ -1 /* END */ } },
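
Review bot: The kvm_arch_vcpu_setup() hunk of patch 4/6 adds, next to the ECD_ETOKENF line, a block that sets ECA_AIV when vcpu->arch.sie_block->gd is non-zero and logs "AIV gisa format-%u enabled for cpu %03u", which the commit message (facility 156, sync regs, VSIE) does not mention. As the patch is marked cherry-picked, either drop that block or record the deviation in the commit message, and say what sets gd, because nothing in the visible hunks of this series writes it.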
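
Review bot: The kvm_sync_regs hunk in uapi/asm/kvm.h of patch 4/6 appends etoken and etoken_extension after gscb[4] without any offset annotation, while the comments added to sync_regs() and store_regs() say that SIE loads and saves the etoken directly from SDNX in kvm_run. The positions of the two fields are therefore fixed both by the hardware and by the userspace ABI; please add offset comments or a BUILD_BUG_ON on their offsets so that a later field insertion cannot move them silently.
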
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 5/6] s390/lib: use expoline for all bcr instructions
Date: Tue, 4 Sep 2018 22:50:35 -0400
Message-Id: <20180905025036.31858-6-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>
From: Martin Schwidefsky

CVE-2017-5715 (Spectre v2 s390x)

The memmove, memset, memcpy, __memset16, __memset32 and __memset64 functions have an additional indirect return branch in form of a "bzr" instruction. These need to use expolines as well.

Cc: # v4.17+
Fixes: 97489e0663 ("s390/lib: use expoline for indirect branches")
Reviewed-by: Heiko Carstens
Signed-off-by: Martin Schwidefsky
(cherry-picked from 5eda25b10297684c1f46a14199ec00210f3c346e)
Signed-off-by: Khalid Elmously
---
arch/s390/lib/mem.S | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/arch/s390/lib/mem.S b/arch/s390/lib/mem.S index 2311f15be9cf..40c4d59c926e 100644 --- a/arch/s390/lib/mem.S +++ b/arch/s390/lib/mem.S @@ -17,7 +17,7 @@ ENTRY(memmove) ltgr %r4,%r4 lgr %r1,%r2 - bzr %r14 + jz .Lmemmove_exit aghi %r4,-1 clgr %r2,%r3 jnh .Lmemmove_forward @@ -36,6 +36,7 @@ ENTRY(memmove) .Lmemmove_forward_remainder: larl %r5,.Lmemmove_mvc ex %r4,0(%r5) +.Lmemmove_exit: BR_EX %r14 .Lmemmove_reverse: ic %r0,0(%r4,%r3) @@ -65,7 +66,7 @@ EXPORT_SYMBOL(memmove) */ ENTRY(memset) ltgr %r4,%r4 - bzr %r14 + jz .Lmemset_exit ltgr %r3,%r3 jnz .Lmemset_fill aghi %r4,-1 @@ -80,6 +81,7 @@ ENTRY(memset) .Lmemset_clear_remainder: larl %r3,.Lmemset_xc ex %r4,0(%r3) +.Lmemset_exit: BR_EX %r14 .Lmemset_fill: cghi %r4,1 @@ -115,7 +117,7 @@ EXPORT_SYMBOL(memset) */ ENTRY(memcpy) ltgr %r4,%r4 - bzr %r14 + jz .Lmemcpy_exit aghi %r4,-1 srlg %r5,%r4,8 ltgr %r5,%r5 @@ -124,6 +126,7 @@ ENTRY(memcpy) .Lmemcpy_remainder: larl %r5,.Lmemcpy_mvc ex %r4,0(%r5) +.Lmemcpy_exit: BR_EX %r14 .Lmemcpy_loop: mvc 0(256,%r1),0(%r3) @@ -145,9 +148,9 @@ EXPORT_SYMBOL(memcpy) .macro __MEMSET bits,bytes,insn ENTRY(__memset\bits) ltgr %r4,%r4 - bzr %r14 + jz .L__memset_exit\bits cghi %r4,\bytes - je .L__memset_exit\bits + je .L__memset_store\bits aghi %r4,-(\bytes+1) srlg %r5,%r4,8 ltgr %r5,%r5
@@ -163,8 +166,9 @@ ENTRY(__memset\bits) larl %r5,.L__memset_mvc\bits ex %r4,0(%r5) BR_EX %r14 -.L__memset_exit\bits: +.L__memset_store\bits: \insn %r3,0(%r2) +.L__memset_exit\bits: BR_EX %r14 .L__memset_mvc\bits: mvc \bytes(1,%r1),0(%r1)
From patchwork Wed Sep 5 02:50:36 2018
X-Patchwork-Submitter: Khalid Elmously
X-Patchwork-Id: 966203
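Review bot: in the two __MEMSET hunks of arch/s390/lib/mem.S the label .L__memset_exit\bits changes meaning: it used to sit in front of the `\insn %r3,0(%r2)` store and now sits after it, on the bare BR_EX %r14. The `je` shown in the hunk is redirected to the new .L__memset_store\bits, but any other branch to .L__memset_exit\bits in the part of the macro not shown would now skip the store without an assembler error. Please confirm there is none, or give the return-only label a fresh name so that a stale reference fails to assemble.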
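Review bot: the subject claims all bcr instructions in arch/s390/lib/mem.S are covered, but the hunks can only show the four `bzr %r14` sites they touch (memmove, memset, memcpy and __memset\bits); please back the claim with a disassembly of the built object showing no register-target branch left outside the expoline thunks. The conversions themselves are minimal: each `jz` targets a label placed directly on an existing BR_EX %r14, so the zero-length path executes nothing between the length test and the return.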
From: Khalid Elmously
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Bionic][ 6/6] s390: fix br_r1_trampoline for machines without exrl
Date: Tue, 4 Sep 2018 22:50:36 -0400
Message-Id: <20180905025036.31858-7-khalid.elmously@canonical.com>
In-Reply-To: <20180905025036.31858-1-khalid.elmously@canonical.com>
References: <20180905025036.31858-1-khalid.elmously@canonical.com>
From: Martin Schwidefsky

CVE-2017-5715 (Spectre v2 s390x)

For machines without the exrl instruction the BPF jit generates code that uses a "br %r1" instruction located in the lowcore page. Unfortunately there is a cut & paste error that puts an additional "larl %r1,.+14" instruction in the code that clobbers the branch target address in %r1. Remove the larl instruction.

Cc: # v4.17+
Fixes: de5cb6eb51 ("s390: use expoline thunks in the BPF JIT")
Signed-off-by: Martin Schwidefsky
(cherry-picked from 26f843848bae973817b3587780ce6b7b0200d3e4)
Signed-off-by: Khalid Elmously
---
arch/s390/net/bpf_jit_comp.c | 2 --
1 file changed, 2 deletions(-)

diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c index f5ad92d09006..6b84bdc94055 100644 --- a/arch/s390/net/bpf_jit_comp.c +++ b/arch/s390/net/bpf_jit_comp.c @@ -518,8 +518,6 @@ static void bpf_jit_epilogue(struct bpf_jit *jit, u32 stack_depth) /* br %r1 */ _EMIT2(0x07f1); } else { - /* larl %r1,.+14 */ - EMIT6_PCREL_RILB(0xc0000000, REG_1, jit->prg + 14); /* ex 0,S390_lowcore.br_r1_tampoline */ EMIT4_DISP(0x44000000, REG_0, REG_0, offsetof(struct lowcore, br_r1_trampoline));
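Review bot: after the two deletions in the else branch of bpf_jit_epilogue, nothing in that branch records that %r1 must already hold the branch target when the `ex` of br_r1_trampoline runs, which is the invariant the stray larl broke. A one-line comment above EMIT4_DISP stating that %r1 is set up earlier in the epilogue and must not be written here would guard against the same cut-and-paste mistake. The surviving context comment also spells the field br_r1_tampoline while the offsetof argument is br_r1_trampoline, which makes the site easy to miss when grepping for the field name.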